What’s particularly interesting about the Umbra Malware Loader is its modular nature, namely malicious attackers can easily introduce new features while using some of the already coded plugins, next to the ones offered as a managed service.

Today’s modern malware is released in DIY fashion; it’s highly customizable, it’s localized in multiple languages, it comes with detailed instructions and HOWTO’s, and most importantly additional features including coding a new one from scratch, are available as a managed service.

Webroot’s security team is currently in a process of analyzing the Umbra Malware Loader. Details will be posted as soon as new data is gathered.